Prevent inadvertent access or download of php files


gorilla1
10-10-2002, 05:10 AM
I wrote a script that displays directory contents. The viewer can then click on a file to view it. However, when it is a php file, when clicked the dialogue box appears for download of the file. Is there an effective way to block this?

G

Spookster
10-10-2002, 07:34 AM
Modify your script so that it displays everything but the php files.

firepages
10-10-2002, 08:31 AM
I am with Spooks on this one, but if your server is set up to parse PHP files then clicking on a php file in the directory should execute it, not download it! (unless the php file itself produces mime-type headers)

Sounds a bit weird to me!

gorilla1
10-10-2002, 04:55 PM
Thanks, Spookster and Firepages. Yes, I am trying not to show the php3 files in the directory. But I am simply trying to put in an extra layer of defense, in case my indexing goes wrong or something (which it did the other day - thus the concern). Here is the code that actually reads the file after the viewer clicks on it:
header("Content-Type: */*");
readfile ($thisFile[0]);

If a php extension, the readfile results in a download dialogue box coming up.

G
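
The extra layer asked about above can live in the viewer script itself, because readfile() sends a file's bytes as they are and never runs them through the PHP interpreter. An added example, not code from the thread: it assumes a hypothetical `files` directory and `f` query parameter, and it uses an extension allowlist (with a fixed content type per extension) in place of hiding only the PHP files.

```php
<?php
// Added example. VIEWABLE_TYPES, resolveViewable(), the "files" directory and
// the "f" parameter are illustrative assumptions, not names from the thread.
const VIEWABLE_TYPES = [
    'txt' => 'text/plain; charset=utf-8',
    'pdf' => 'application/pdf',
    'png' => 'image/png',
    'jpg' => 'image/jpeg',
    'gif' => 'image/gif',
];

/** Return [path, contentType] if $requested may be served from $baseDir, else null. */
function resolveViewable(string $baseDir, string $requested): ?array
{
    if ($requested === '' || strpos($requested, "\0") !== false) {
        return null;                         // empty name or embedded NUL byte
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $requested);
    if ($base === false || $path === false || !is_file($path)) {
        return null;                         // missing file or bad base directory
    }
    // Confine to the listing directory: rejects ../ sequences and symlinks
    // that resolve outside it.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    // Decide on the extension of the resolved name, case-insensitively.
    // php, php3, phtml and anything else not listed is refused.
    $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION));
    if (!isset(VIEWABLE_TYPES[$ext])) {
        return null;
    }
    return [$path, VIEWABLE_TYPES[$ext]];
}

$baseDir   = __DIR__ . '/files';                              // assumed location
$requested = isset($_GET['f']) ? (string) $_GET['f'] : '';    // assumed parameter

$result = resolveViewable($baseDir, $requested);
if ($result === null) {
    http_response_code(404);
    exit('Not found');
}
header('Content-Type: ' . $result[1]);       // a concrete type, not */*
header('X-Content-Type-Options: nosniff');
readfile($result[0]);
```

Because the check runs at the point where the file is read, it still holds when the directory listing itself shows a file it should have hidden.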

whackaxe
10-10-2002, 05:26 PM
php3? Try just .php unless your host doesn't take them. You should contact them to know what the problem is. Have you ever tried downloading one? Does it show up the PHP code?

gorilla1
10-10-2002, 06:03 PM
whackaxe,

Yes, a php3 file. Yes, when downloaded, it shows the code.

G

whackaxe
10-10-2002, 07:41 PM
Server problem, I would say. Is the host only using PHP 3?

gorilla1
10-10-2002, 08:19 PM
Php 4.1.2

G

whackaxe
10-10-2002, 08:24 PM
Try just using ".php" instead of php3. But that's strange anyway; php wizard had that problem a while back. I surfed to their page and when I clicked on a file, it showed me the source instead of the page, or downloaded it.

gorilla1
10-10-2002, 08:40 PM
Thanks, whackaxe... Just tried using extension php, but same result - it downloads the source file.

G

whackaxe
10-10-2002, 08:46 PM
Where are you hosted?

gorilla1
10-11-2002, 05:24 AM
whackaxe,

I'm not interested in embarrassing anyone. It does appear that if I run this on phpdev that it does not act similarly.

G